/* Send our public DH value and a nonce to the peer. */ int ike_phase_1_send_KE_NONCE (struct message *msg, size_t nonce_sz) { /* Public DH key. */ if (ipsec_gen_g_x (msg)) { /* XXX How to log and notify peer? */ return -1; } /* Generate a nonce, and add it to the message. */ if (exchange_gen_nonce (msg, nonce_sz)) { /* XXX Log? */ return -1; } /* Try to add certificates which are acceptable for the CERTREQs */ if (exchange_add_certs (msg)) { /* XXX Log? */ return -1; } return 0; }
/* Send our public DH value and a nonce to the peer. */ int ike_phase_1_send_KE_NONCE(struct message *msg, size_t nonce_sz) { /* Public DH key. */ if (ipsec_gen_g_x(msg)) { /* XXX How to log and notify peer? */ return -1; } /* Generate a nonce, and add it to the message. */ if (exchange_gen_nonce(msg, nonce_sz)) { /* XXX Log? */ return -1; } /* Are there any CERTREQs to send? */ if (exchange_add_certreqs(msg)) { /* XXX Log? */ return -1; } /* Try to add certificates which are acceptable for the CERTREQs */ if (exchange_add_certs(msg)) { /* XXX Log? */ return -1; } /* If this exchange uses NAT-Traversal, add NAT-D payloads now. */ if (msg->exchange->flags & EXCHANGE_FLAG_NAT_T_CAP_PEER) if (nat_t_exchange_add_nat_d(msg)) { /* XXX Log? */ return -1; } return 0; }